Tuesday, April 2, 2013

Setting up Prestashop file permissions on Fedora

Sometimes I need to write important things somewhere I can find them. That's the case again with setting up Prestashop file permissions on a SElinux enabled system such as Fedora.


cd prestashop
chown -R apache:sebastian
# allow user and group search directories and set the new files inherit the group of parent folder 
find . -type d -exec chmod ug+xs {} \;
# don't allow others to do anything and allow my group to read and write all, don't allow apache to write anything
chmod -R u-w,o-rwxs,g+rw .
# set permissions of newly created files so that others cannot do anything them
umask o-rwx
# set selinux context so that apache can access everything
chcon -t httpd_sys_content_t -R .
# set selinux context and permissions so that apache can write into places it needs to be able to write
chcon -t httpd_sys_rw_content_t -R config cache log img mails modules translations upload download sitemap.xml
chmod -R u+rw config cache log img mails modules translations upload download sitemap.xml

3 comments:

Unknown said...

I didn't know about this SE Linux limitations with apache ...
srsly, you helped me a lot with this tip, thanks, thanks thanks thanks thanks and thanks again!

Sebastian Mäki said...

No problem. Many tutorials seem to ignore the fact that there are SE Linux enabled systems.

John McStone said...

Recently started working on the platform Magento. First there was a problem with the protection of the website, on blogs found a fix to fix a critical vulnerability, then there were problems with installing a template to improve the design of the site. When I was working on prestashop projects, I did not encounter such problems, only once when I was trying to put a template that was not designed to work on prestashop

Tip me if you like what you're reading